tsai
/
squidex
mirror of https://github.com/Squidex/squidex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Fix for API docs.

pull/334/head
Sebastian Stehle 7 years ago
parent
f9959d2cff
commit
2f2c1e5d74
2 changed files with 10 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      src/Squidex/Areas/Api/Controllers/Contents/ContentSwaggerController.cs
  2. 8
      src/Squidex/Pipeline/AppResolver.cs

3
src/Squidex/Areas/Api/Controllers/Contents/ContentSwaggerController.cs
View File

@ -6,6 +6,7 @@
// ==========================================================================
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Squidex.Areas.Api.Controllers.Contents.Generator;
using Squidex.Domain.Apps.Entities;
@ -31,6 +32,7 @@ namespace Squidex.Areas.Api.Controllers.Contents
[HttpGet]
[Route("content/{app}/docs/")]
[ApiCosts(0)]
[AllowAnonymous]
public IActionResult Docs(string app)
{
var vm = new DocsVM { Specification = $"~/content/{app}/swagger/v1/swagger.json" };
@ -41,6 +43,7 @@ namespace Squidex.Areas.Api.Controllers.Contents
[HttpGet]
[Route("content/{app}/swagger/v1/swagger.json")]
[ApiCosts(0)]
[AllowAnonymous]
public async Task<IActionResult> GetSwagger(string app)
{
var schemas = await appProvider.GetSchemasAsync(AppId);

8
src/Squidex/Pipeline/AppResolver.cs
View File

@ -9,6 +9,7 @@ using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.AspNetCore.Mvc.Filters;
using Squidex.Domain.Apps.Entities;
using Squidex.Domain.Apps.Entities.Apps;
@ -62,7 +63,7 @@ namespace Squidex.Pipeline
{
var set = user.Permissions();
if (!set.Includes(Permissions.ForApp(Permissions.App, appName)))
if (!set.Includes(Permissions.ForApp(Permissions.App, appName)) && !AllowAnonymous(context))
{
context.Result = new NotFoundResult();
return;
@ -85,6 +86,11 @@ namespace Squidex.Pipeline
await next();
}
private static bool AllowAnonymous(ActionExecutingContext context)
{
return context.ActionDescriptor.FilterDescriptors.Any(x => x.Filter is AllowAnonymousFilter);
}
private static PermissionSet FindByOpenIdClient(IAppEntity app, ClaimsPrincipal user)
{
var clientId = user.GetClientId();

Write Preview
Loading…
Cancel
Save